Skip to content

feat: snyk-gradle-plugin improvements #5852

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 25, 2025
Merged

feat: snyk-gradle-plugin improvements #5852

merged 1 commit into from
Apr 25, 2025
+50 −9

Conversation

gitphill
Copy link
Contributor

@gitphill gitphill commented Apr 23, 2025
edited
Loading

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Includes detailed description of changes
  • Contains risk assessment: Low
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (PR link: ___)
  • Includes product update to be announced in the next stable release notes

What does this PR do?

Include all module artifacts as nodes in the dep-graph:

Changes the ID of nodes in the resulting dep-graph resolved by snyk-gradle-plugin.

The new node ID ensures each module artifact is identified as:

groupId:artifactId:type(:classifier)@version

where type and (optionally) classifier are new.

Where should the reviewer start?

This PR simply bumps the snyk-gradle-plugin, see the plugin PR for more details.

How should this be manually tested?

snyk test on a Gradle project, to see the dep-graph use snyk test --print-deps --json-output-file=out.json then cat out.json | jq .depGraph

@gitphill gitphill requested a review from a team as a code owner April 23, 2025 17:16
@gitphill gitphill self-assigned this Apr 23, 2025
@gitphill gitphill force-pushed the feat/snyk-gradle-plugin-bump branch 4 times, most recently from dccf8c8 to 043025c Compare April 25, 2025 13:00
@snyk snyk deleted a comment from github-actions bot Apr 25, 2025
@gitphill gitphill force-pushed the feat/snyk-gradle-plugin-bump branch from 043025c to d96ca22 Compare April 25, 2025 13:49
@gitphill
feat: snyk-gradle-plugin improvements
7991133 
Include all module artifacts as nodes in the dep-graph:
snyk/snyk-gradle-plugin#299

Changes the ID of nodes in the resulting dep-graph resolved by snyk-gradle-plugin.

The new node ID ensures each module artifact is identified as:

`groupId:artifactId:type(:classifier)@version`

where type and (optionally) classifier are new.
@gitphill gitphill force-pushed the feat/snyk-gradle-plugin-bump branch from d96ca22 to 7991133 Compare April 25, 2025 16:44
@gitphill gitphill merged commit 22fadf7 into main Apr 25, 2025
7 checks passed
@gitphill gitphill deleted the feat/snyk-gradle-plugin-bump branch April 25, 2025 17:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danlucian danlucian danlucian approved these changes

Assignees

@gitphill gitphill

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gitphill @danlucian